UK GDPR

You can read our UK GDPR compliance statement below to find out what we are doing to ensure we are compliant. If you have any questions about the statement please email compliance@stihl.co.uk

How Andreas Stihl Limited (‘STIHL’) complies with the UK GDPR

The UK GDPR is an important piece of legislation that is designed to provide greater protection for individuals within the UK when their personal data is being used. 

STIHL is committed to protecting the privacy of individuals.

We have appointed a Data Protection Officer who can be contacted at compliance@stihl.co.uk

We are constantly reviewing our systems, processes and practices as part of our UK GDPR compliance.

We evaluate how we interact with our suppliers and distribution network in order to further protect the personal data we hold and use.

Further detail

In addition, STIHL engage in the following activities for UK GDPR:

  1. Implementation and regular reviewing of a Data Protection framework; 
  2. Reviewing the systems and processes we use that handle personal data and putting in place further appropriate technical, administrative and processing measures;
  3. Maintaining our privacy policies to ensure we are communicating with individuals in a clear manner and confirming the ways in which and for what purposes we are using their personal data;
  4. Reviewing our data handling policies to update them to reflect STIHL’s obligations and practices;
  5. Reviewing our reporting pathways to ensure individuals’ rights are adhered to, for example, submitting test subject access requests to make sure we can comply with our obligations relating to them;
  6. Regular training of our team in UK GDPR and Cyber Awareness to ensure our standards and obligations are understood and maintained throughout our organisation;
  7. Raising awareness of UK GDPR amongst our Dealer Network;
  8.  Carrying out due diligence on our third party processors to ascertain their compliance with the UK GDPR. Where any of our third party processors are processing personal data outside of the UK, we are evaluating the basis on which such processing can occur, for example, whether appropriate safeguards have been put in place; 
  9. Ensuring our contracts and processing agreements are UK GDPR compliant; and
  10. Ongoing assessment of UK GDPRs enhanced privacy requirements and supervisory authority guidance to ensure ongoing compliance.
  11. Regular engagement with legal specialists to assist us with our compliance program. 

We also review and test the changes made as part of our Data Protection framework to make sure we have not missed anything. 

Our German parent company ensures the whole STIHL group is compliant with the GDPR.

You may also be interested in